AMENDMENTS TO THE CLAIMS 



LISTING OF CLAIMS IN THE CASE 

The following listing of claims replaces all previous listing of claims: 
1-12. (Canceled) 

13. (Currently Amended) A computer-readable medium having stored thereon a 
program, which when run on a processor, performs a method of managing a 
network, said method comprising: 

[[a)]] comparing addresses associated with packets received at a first port in 
said network with expected addresses for said first port to detennine unexpected 
addresses; and 

[[b)]] tracing a topology of said network to determine a second port at which a 
packet associated with an unexpected address entered said network. 

14. (Original) The computer-readable medium of Claim 13 wherein said network 
is a virtually-wired switching network and said first port couples switches in said 
network and said second port is coupled to a host device. 

1 5. (Previously Presented) The computer-readable medium of Claim 1 3, wherein 
said network comprises a virtually-wired switching fabric. 

1 6. (Currently Amended) The computer-readable medium of Claim 1 5, wherein 
said method further comprises: 

[[c)]] taking corrective action at said second port, wherein said second port is 
coupled to a host device. 
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1 7. (Currently Amended) The computer-readable medium of Claim 1 5, wherein 
said method further comprises: 

[[c)]] disabling said second port, wherein said network i s a virtually - w i r e d 
switching fabr i c and said second port is at the edge of said virtual I v-wired switching 
fabric. 

18. (Currently Amended) The computer-readable medium of Claim 13 wherein 
said comparing addresses associated with packets received at a first port in said 
network with expected addresses for said first port to determine unexpected 
addresses a) of sa i d m e thod comprises reading a bridge table to determine leamed 
addresses at said first port. 

19. (Currently Amended) The computer-readable medium of Claim 13 wherein 
said comparing addresses associated with packets received at a first port in said 
network with expected addresses for said first port to determine unexpected 
addresses a) of said method is repeated for each interconnect port in said network, 
wherein said network comprises a plurality of switches. 

20. (Currently Amended) The computer-readable medium of Claim 1 3, wherein 
said method further comprises: 

[[c)]] determining changes in physical topology of said network. 

21 . (Currently Amended) The computer-readable medium of Claim 20 wherein 
said determining changes in physical topology of said network c) of said method 
comprises comparing a physical description of said network with a stored physical 
description of said network. 
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22. (Previously Presented) A method of managing a network, said method 
comprising: 

accessing a database of a stored physical topology of said networl^ to obtain 
authorized addresses at host ports of switches; 

configuring a switch in said network to forward a packet received at a first 
port if an address associated with said packet is authorized for said first port; 

comparing a set of learned addresses against a set of expected addresses, 
said teamed addresses comprising addresses associated with packets processed at 
a second port, said expected addresses derived from an expected configuration of 
said network; and 

tracing a topology of said network to find a third port where an unexpected 
address entered said network, said third port coupled to a device having a media 
access control (MAC address) that is said unexpected address. 

23. (Cancelled) 

24. (Currently Amended) The method of Claim 22, further comprising: 
disabling said third port, wherein said network is a virtually-wired switching 

fabric and said third port is at the edge of said virtually-wired switching fabric. 

25. (Previously Presented) The method of Claim 22, wherein said configuring the 
switch further comprises configuring the switch to drop said packet if said address is 
not authorized. 

26. (Previously Presented) The method of Claim 22, wherein said configuring the 
switch comprises programming the switch in said networic to recognize authorized 
addresses for said first port. 
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27. (Previously Presented) The method of Claim 22, wherein said configuring the 
switch further comprises configuring the switch to fonA^ard said packet to a host 
device if said address is authorized for said first port, said first port coupled to said 
host device. 

28. (Previously Presented) The method of Claim 22, further comprising: 
detemiining changes in physical topology of said network. 

29. (Previously Presented) The method Claim 28 wherein said determining 
changes in physical topology comprises comparing a physical description of said 
network with said stored physical topology of said network. 

30. (Original) The method of Claim 29 wherein said address is a media access 
control (MAC) address and wherein said network comprises a virtually-wired 
switching fabric. 

31 . (Previously Presented) A network comprising: 
a plurality switches; 

said switches interconnected and configured to control communication 
between a plurality of devices coupled to said network; 

a database having stored therein a stored physical topology of said network 
and authorized addresses associated with packets processed at ports of said 
switches, wherein said authorized addresses are based on said stored physical 
topology; 

a configuration agent that is able to program said switches based on said 
authorized addresses to detect a packet having an unauthorized address; and 
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a management agent that is able to: 

compare addresses learned by said switches against said authorized 
addresses to determine an unauthorized address; and 

trace a topology of said network to determine a port where a packet 
associated with said unauthorized address entered said network. 

32. (Previously Presented) The network of Claim 31 , wherein: 

said switches are further configured to forward said packet if said address is 
authorized. 

33. (Previously Presented) The network of Claim 31 , wherein: 

said switches are further configured to drop said packet if said address is not 
authorized. 

34. (Original) The network of Claim 31 , wherein there is a one-to-one mapping 
between ports of said switches and ports of said devices. 

35. (Previously Presented) A network as recited in Claim 31 wherein 
said addresses are medium control access (MAC) addresses. 

36. (Previously Presented) A network as recited in Claim 31 wherein 
said network comprises a virtually-wired switching fabric. 
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37. (Previously Presented) A network as recited in Claim 31 wherein 
said management agent is further able to detemnine changes in said physical 
topology of said network and to update said stored physical topology and authorized 
addresses in said database based on said changes. 

38. (Previously Presented) A network as recited in Claim 37 wherein 
said configuration agent is further able to re-program said switches based on said 
updates to said authorized addresses. 
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